BoringSSL (#252)

Signed-off-by: turuslan <[email protected]>

Author: turuslan

cmake/Hunter/init.cmake

@@ -31,7 +31,7 @@ set(
 include(${CMAKE_CURRENT_LIST_DIR}/HunterGate.cmake)
 
 HunterGate(
-    URL  https://github.com/qdrvm/hunter/archive/refs/tags/v0.25.3-qdrvm12.zip
-    SHA1 9d4b9844b84d3dfbf4a90923eedb3875718abf54
+    URL  https://github.com/qdrvm/hunter/archive/refs/tags/v0.25.3-qdrvm15.zip
+    SHA1 b338eb3b6a989f19257d6d4acbc9f810abcf1b32
     LOCAL
 )

cmake/dependencies.cmake

@@ -15,8 +15,11 @@ hunter_add_package(Boost COMPONENTS random filesystem program_options)
 find_package(Boost CONFIG REQUIRED random filesystem program_options)
 
 # https://www.openssl.org/
-hunter_add_package(OpenSSL)
-find_package(OpenSSL REQUIRED)
+hunter_add_package(BoringSSL)
+find_package(OpenSSL CONFIG REQUIRED)
+
+hunter_add_package(libsecp256k1)
+find_package(libsecp256k1 CONFIG REQUIRED)
 
 # https://developers.google.com/protocol-buffers/
 hunter_add_package(Protobuf)

cmake/libp2pConfig.cmake.in

@@ -3,7 +3,7 @@
 include(CMakeFindDependencyMacro)
 
 find_dependency(Boost CONFIG REQUIRED random filesystem program_options)
-find_dependency(OpenSSL REQUIRED)
+find_dependency(OpenSSL CONFIG REQUIRED)
 find_dependency(Protobuf CONFIG REQUIRED)
 find_dependency(Threads)
 find_dependency(c-ares CONFIG REQUIRED)

include/libp2p/crypto/chachapoly/chachapoly_impl.hpp

@@ -25,9 +25,11 @@ namespace libp2p::crypto::chachapoly {
                                    BytesIn aad) override;
 
    private:
+    outcome::result<void> init(EVP_AEAD_CTX *ctx, bool encrypt);
+
     const Key key_;
-    const EVP_CIPHER *cipher_;
-    const int block_size_;
+    const EVP_AEAD *aead_;
+    const size_t overhead_;
     libp2p::log::Logger log_ = libp2p::log::createLogger("ChaChaPoly");
   };
 

include/libp2p/crypto/ecdsa_provider/ecdsa_provider_impl.hpp

@@ -45,8 +45,7 @@ namespace libp2p::crypto::ecdsa {
      */
     template <typename KeyType>
     outcome::result<KeyType> convertEcKeyToBytes(
-        const std::shared_ptr<EC_KEY> &ec_key,
-        int (*converter)(EC_KEY *, uint8_t **)) const;
+        const std::shared_ptr<EC_KEY> &ec_key, auto converter) const;
 
     /**
      * @brief Convert bytes to EC_KEY

include/libp2p/crypto/secp256k1_provider/secp256k1_provider_impl.hpp

@@ -6,14 +6,20 @@
 
 #pragma once
 
+#include <secp256k1.h>
 #include <memory>
 
-#include <openssl/ec.h>
 #include <libp2p/crypto/secp256k1_provider.hpp>
 
+namespace libp2p::crypto::random {
+  class CSPRNG;
+}  // namespace libp2p::crypto::random
+
 namespace libp2p::crypto::secp256k1 {
   class Secp256k1ProviderImpl : public Secp256k1Provider {
    public:
+    Secp256k1ProviderImpl(std::shared_ptr<random::CSPRNG> random);
+
     outcome::result<KeyPair> generate() const override;
 
     outcome::result<PublicKey> derive(const PrivateKey &key) const override;
@@ -26,20 +32,7 @@ namespace libp2p::crypto::secp256k1 {
                                  const PublicKey &key) const override;
 
    private:
-    /**
-     * @brief Convert secp256k1 private key bytes to OpenSSL EC_KEY structure
-     * @param input - private key bytes
-     * @return OpenSSL EC_KEY structure or error code
-     */
-    static outcome::result<std::shared_ptr<EC_KEY>> bytesToPrivateKey(
-        const PrivateKey &input);
-
-    /**
-     * @brief Convert secp256k1 public key bytes to OpenSSL EC_KEY structure
-     * @param input - private key bytes
-     * @return OpenSSL EC_KEY structure or error code
-     */
-    static outcome::result<std::shared_ptr<EC_KEY>> bytesToPublicKey(
-        const PublicKey &input);
+    std::shared_ptr<random::CSPRNG> random_;
+    std::unique_ptr<secp256k1_context, void (*)(secp256k1_context *)> ctx_;
   };
 }  // namespace libp2p::crypto::secp256k1

include/libp2p/injector/network_injector.hpp

@@ -285,7 +285,7 @@ namespace libp2p::injector {
     auto rsa_provider = std::make_shared<crypto::rsa::RsaProviderImpl>();
     auto ecdsa_provider = std::make_shared<crypto::ecdsa::EcdsaProviderImpl>();
     auto secp256k1_provider =
-        std::make_shared<crypto::secp256k1::Secp256k1ProviderImpl>();
+        std::make_shared<crypto::secp256k1::Secp256k1ProviderImpl>(csprng);
     auto hmac_provider = std::make_shared<crypto::hmac::HmacProviderImpl>();
     std::shared_ptr<crypto::CryptoProvider> crypto_provider =
         std::make_shared<crypto::CryptoProviderImpl>(csprng,

src/crypto/chachapoly/chachapoly_impl.cpp

@@ -4,14 +4,12 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-#include <libp2p/common/final_action.hpp>
+#include <openssl/aead.h>
 #include <libp2p/crypto/chachapoly/chachapoly_impl.hpp>
-#include <libp2p/crypto/common_functions.hpp>
 #include <libp2p/crypto/error.hpp>
 
-using libp2p::common::FinalAction;
-
 namespace libp2p::crypto::chachapoly {
+  constexpr size_t kTagSize = 16;
 
 #define IF1(expr, err, result) \
   if (1 != (expr)) {           \
@@ -21,125 +19,75 @@ namespace libp2p::crypto::chachapoly {
 
   ChaCha20Poly1305Impl::ChaCha20Poly1305Impl(Key key)
       : key_{key},
-        cipher_{EVP_chacha20_poly1305()},
-        block_size_{EVP_CIPHER_block_size(cipher_)} {}
+        aead_{EVP_aead_chacha20_poly1305()},
+        overhead_{EVP_AEAD_max_overhead(aead_)} {}
+
+  outcome::result<void> ChaCha20Poly1305Impl::init(EVP_AEAD_CTX *ctx,
+                                                   bool encrypt) {
+    IF1(EVP_AEAD_CTX_init_with_direction(
+            ctx,
+            aead_,
+            key_.data(),
+            key_.size(),
+            kTagSize,
+            encrypt ? evp_aead_seal : evp_aead_open),
+        "EVP_AEAD_CTX_init",
+        OpenSslError::FAILED_INITIALIZE_CONTEXT);
+    return outcome::success();
+  }
 
   outcome::result<Bytes> ChaCha20Poly1305Impl::encrypt(const Nonce &nonce,
                                                        BytesIn plaintext,
                                                        BytesIn aad) {
-    const auto init_failure = OpenSslError::FAILED_INITIALIZE_OPERATION;
-    std::vector<uint8_t> result;
+    bssl::ScopedEVP_AEAD_CTX ctx;
+    OUTCOME_TRY(init(ctx.get(), true));
+    Bytes result;
     // just reserving the space, possibly without actual memory allocation:
     // ciphertext length equals to plaintext length
     // one block size for EncryptFinal_ex (usually not required)
     // 16 bytes for the tag
-    result.reserve(plaintext.size() + block_size_ + 16);
-    auto *ctx = EVP_CIPHER_CTX_new();
-    if (nullptr == ctx) {
-      return OpenSslError::FAILED_INITIALIZE_CONTEXT;
-    }
-    FinalAction free_ctx([ctx] { EVP_CIPHER_CTX_free(ctx); });
-
-    IF1(EVP_EncryptInit_ex(ctx, cipher_, nullptr, nullptr, nullptr),
-        "Failed to initialize EVP encryption.",
-        init_failure)
-
-    IF1(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, nullptr),
-        "Cannot set AEAD initialization vector length.",
-        init_failure)
-
-    IF1(EVP_EncryptInit_ex(ctx, nullptr, nullptr, key_.data(), nonce.data()),
-        "Cannot finalize init of encryption engine.",
-        init_failure)
-
-    int len{0};
-    IF1(EVP_EncryptUpdate(ctx, nullptr, &len, nullptr, plaintext.size()),
-        "Failed to calculate cipher text length.",
-        OpenSslError::FAILED_ENCRYPT_UPDATE)
-
-    // does actual memory allocation
-    result.resize(len + block_size_ + 16, 0u);
-    if (not aad.empty()) {
-      IF1(EVP_EncryptUpdate(ctx, nullptr, &len, aad.data(), aad.size()),
-          "Failed to apply additional authentication data during encryption.",
-          OpenSslError::FAILED_ENCRYPT_UPDATE)
-    }
-
-    IF1(EVP_EncryptUpdate(
-            ctx, result.data(), &len, plaintext.data(), plaintext.size()),
-        "Plaintext encryption failed.",
-        OpenSslError::FAILED_ENCRYPT_UPDATE)
-    int ciphertext_len = len;  // without tag size
-    IF1(EVP_EncryptFinal_ex(ctx, result.data() + len, &len),  // NOLINT
-        "Unable to finalize encryption.",
-        OpenSslError::FAILED_ENCRYPT_FINALIZE)
-
-    ciphertext_len += len;
-    IF1(EVP_CIPHER_CTX_ctrl(ctx,
-                            EVP_CTRL_AEAD_GET_TAG,
-                            EVP_CTRL_AEAD_GET_TAG,
-                            result.data() + ciphertext_len),  // NOLINT
-        "Failed to write tag.",
-        OpenSslError::FAILED_ENCRYPT_FINALIZE)
-
-    // remove the last block_size bytes if those were not used
-    result.resize(ciphertext_len + 16);
+    result.resize(plaintext.size() + overhead_);
+    size_t out_size = 0;
+    IF1(EVP_AEAD_CTX_seal(ctx.get(),
+                          result.data(),
+                          &out_size,
+                          result.size(),
+                          nonce.data(),
+                          nonce.size(),
+                          plaintext.data(),
+                          plaintext.size(),
+                          aad.data(),
+                          aad.size()),
+        "EVP_AEAD_CTX_seal",
+        OpenSslError::FAILED_ENCRYPT_UPDATE);
+    result.resize(out_size);
     return result;
   }
 
   outcome::result<Bytes> ChaCha20Poly1305Impl::decrypt(const Nonce &nonce,
                                                        BytesIn ciphertext,
                                                        BytesIn aad) {
+    bssl::ScopedEVP_AEAD_CTX ctx;
+    OUTCOME_TRY(init(ctx.get(), false));
     Bytes result;
     // plain text should take less bytes than cipher text,
     // at least it would not contain tag-length bytes (16).
     // single block size for the case when len(in) == len(out)
-    result.resize(ciphertext.size() + block_size_, 0u);
-    auto *ctx = EVP_CIPHER_CTX_new();
-    FinalAction free_ctx([ctx] { EVP_CIPHER_CTX_free(ctx); });
-
-    IF1(EVP_DecryptInit_ex(ctx, cipher_, nullptr, nullptr, nullptr),
-        "Failed to initialize decryption engine.",
-        OpenSslError::FAILED_INITIALIZE_OPERATION)
-
-    IF1(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, nullptr),
-        "Cannot set AEAD initialization vector length.",
-        OpenSslError::FAILED_INITIALIZE_OPERATION)
-
-    IF1(EVP_CIPHER_CTX_ctrl(
-            ctx,
-            EVP_CTRL_AEAD_SET_TAG,
-            EVP_CTRL_AEAD_GET_TAG,
-            (uint8_t *)ciphertext.data() + ciphertext.size() - 16),  // NOLINT
-        "Failed to specify buffer for further tag reading.",
-        OpenSslError::FAILED_DECRYPT_UPDATE)
-
-    IF1(EVP_DecryptInit_ex(ctx, nullptr, nullptr, key_.data(), nonce.data()),
-        "Cannot finalize init of decryption engine.",
-        OpenSslError::FAILED_INITIALIZE_OPERATION)
-
-    int len{0};
-    if (not aad.empty()) {
-      IF1(EVP_DecryptUpdate(ctx, nullptr, &len, aad.data(), aad.size()),
-          "Failed to apply additional authentication data during decryption.",
-          OpenSslError::FAILED_DECRYPT_UPDATE)
-    }
-
-    IF1(EVP_DecryptUpdate(ctx,
+    result.resize(ciphertext.size());
+    size_t out_size = 0;
+    IF1(EVP_AEAD_CTX_open(ctx.get(),
                           result.data(),
-                          &len,
+                          &out_size,
+                          result.size(),
+                          nonce.data(),
+                          nonce.size(),
                           ciphertext.data(),
-                          ciphertext.size() - 16),
-        "Ciphertext decryption failed.",
-        OpenSslError::FAILED_DECRYPT_UPDATE)
-
-    IF1(EVP_DecryptFinal_ex(ctx,
-                            result.data() + len,  // NOLINT
-                            &len),
-        "Failed to finalize decryption.",
-        OpenSslError::FAILED_DECRYPT_FINALIZE);
-
-    result.resize(ciphertext.size() - 16);
+                          ciphertext.size(),
+                          aad.data(),
+                          aad.size()),
+        "EVP_AEAD_CTX_open",
+        OpenSslError::FAILED_DECRYPT_UPDATE);
+    result.resize(out_size);
     return result;
   }
 

src/crypto/common_functions.cpp

@@ -6,6 +6,8 @@
 
 #include <libp2p/crypto/common_functions.hpp>
 
+#include <openssl/bn.h>
+#include <openssl/ecdsa.h>
 #include <libp2p/common/final_action.hpp>
 #include <libp2p/crypto/error.hpp>
 

src/crypto/crypto_provider/crypto_provider_impl.cpp

@@ -8,8 +8,10 @@
 
 #include <exception>
 
+#include <openssl/ecdsa.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
+#include <openssl/mem.h>
 #include <openssl/rand.h>
 #include <openssl/rsa.h>
 #include <openssl/x509.h>
@@ -509,7 +511,7 @@ namespace libp2p::crypto {
       }
 
       // calculate the size of the buffer for the shared secret
-      int field_size{EC_GROUP_get_degree(curve_group)};
+      auto field_size = static_cast<int>(EC_GROUP_get_degree(curve_group));
       int secret_len{(field_size + 7) / 8};
       uint8_t *secret_buffer{(uint8_t *)OPENSSL_malloc(secret_len)};  // NOLINT
       if (nullptr == secret_buffer) {